aboutsummaryrefslogtreecommitdiffstats
path: root/testing/apparmor
diff options
context:
space:
mode:
authorallgdante <allan.garret@gmail.com>2019-01-31 14:57:00 +0000
committerAndy Postnikov <apostnikov@gmail.com>2019-01-31 18:58:36 +0200
commitdb71657811113505e8ebd6cada74c97313eb4200 (patch)
tree6636d3796f599ca0a0f010e403dd1ca819bfa006 /testing/apparmor
parent7bbc0dad2f8260a50fa078b831a3b1a46024aaac (diff)
downloadaports-db71657811113505e8ebd6cada74c97313eb4200.tar.bz2
aports-db71657811113505e8ebd6cada74c97313eb4200.tar.xz
testing/apparmor: upgrade to 2.13.2
Diffstat (limited to 'testing/apparmor')
-rw-r--r--testing/apparmor/0001-Fix-linking-against-gettext-on-musl-libc.patch (renamed from testing/apparmor/0006-Fix-linking-against-gettext-on-musl-libc.patch)8
-rw-r--r--testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch59
-rw-r--r--testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch46
-rw-r--r--testing/apparmor/0002-utils-remove-vim-from-the-default-build.patch (renamed from testing/apparmor/0007-utils-remove-vim-from-the-default-build.patch)6
-rw-r--r--testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch53
-rw-r--r--testing/apparmor/0003-parser-remove-specific-tests-for-rttime.patch (renamed from testing/apparmor/0008-parser-remove-specific-tests-for-rttime.patch)6
-rw-r--r--testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch53
-rw-r--r--testing/apparmor/0004-parser-remove-specific-tests-for-ofile.patch (renamed from testing/apparmor/0009-parser-remove-specific-tests-for-ofile.patch)6
-rw-r--r--testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch96
-rw-r--r--testing/apparmor/0005-utils-adjust-tests-to-match-the-Alpine-layout.patch (renamed from testing/apparmor/0010-utils-adjust-tests-to-match-the-Alpine-layout.patch)8
-rw-r--r--testing/apparmor/0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch (renamed from testing/apparmor/0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch)6
-rw-r--r--testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch39
-rw-r--r--testing/apparmor/APKBUILD59
13 files changed, 89 insertions, 356 deletions
diff --git a/testing/apparmor/0006-Fix-linking-against-gettext-on-musl-libc.patch b/testing/apparmor/0001-Fix-linking-against-gettext-on-musl-libc.patch
index 3f14d92815..4180cf6581 100644
--- a/testing/apparmor/0006-Fix-linking-against-gettext-on-musl-libc.patch
+++ b/testing/apparmor/0001-Fix-linking-against-gettext-on-musl-libc.patch
@@ -1,7 +1,7 @@
-From 3a8b6738b80faa9049cdda00de86eac33aa677b8 Mon Sep 17 00:00:00 2001
+From 183849ec988c7326bcb9bf729d087e262d121b67 Mon Sep 17 00:00:00 2001
From: allgdante <allan.garret@gmail.com>
Date: Wed, 4 Jul 2018 16:57:19 +0200
-Subject: [PATCH 06/11] Fix linking against gettext on musl libc
+Subject: [PATCH 1/7] Fix linking against gettext on musl libc
Both parser and binutils must be linked against gettext
---
@@ -23,7 +23,7 @@ index 7fb71813..52e55f70 100644
ifdef USE_SYSTEM
# Using the system libapparmor so Makefile dependencies can't be used
diff --git a/parser/Makefile b/parser/Makefile
-index b18cfe41..193a30f7 100644
+index 5d799f6a..000540a3 100644
--- a/parser/Makefile
+++ b/parser/Makefile
@@ -90,7 +90,7 @@ AAREDIR= libapparmor_re
@@ -36,5 +36,5 @@ index b18cfe41..193a30f7 100644
ifdef USE_SYSTEM
# Using the system libapparmor so Makefile dependencies can't be used
--
-2.17.1
+2.20.1
diff --git a/testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch b/testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch
deleted file mode 100644
index 590ccd489e..0000000000
--- a/testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From e9b875a4b48d5a41d6c398a44ac6bec216fded5f Mon Sep 17 00:00:00 2001
-From: Steve Beattie <steve.beattie@canonical.com>
-Date: Wed, 18 Apr 2018 12:37:09 -0700
-Subject: [PATCH 01/11] libapparmor: fix reallocarray FTBFS w/older glibc
-
-The recently added overlay cache directory support added to libapparmor
-makes use of reallocarray(3) to resize memory allocations; however,
-reallocarray() was only included in glibc 2.26. This commit adds a
-configure check for reallocarray() and if it's not available, provides
-it as a wrapper around realloc(3).
-
-PR: https://gitlab.com/apparmor/apparmor/merge_requests/100
-Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
-Acked-by: John Johansen <john.johansen@canonical.com>
-
-(cherry picked from commit 8e6313761246099429e9bd12ea6db02d7052188b)
----
- libraries/libapparmor/configure.ac | 2 +-
- libraries/libapparmor/src/private.c | 11 +++++++++++
- 2 files changed, 12 insertions(+), 1 deletion(-)
-
-diff --git a/libraries/libapparmor/configure.ac b/libraries/libapparmor/configure.ac
-index 479ba6dd..73d99398 100644
---- a/libraries/libapparmor/configure.ac
-+++ b/libraries/libapparmor/configure.ac
-@@ -81,7 +81,7 @@ AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes)
- AC_HEADER_STDC
- AC_CHECK_HEADERS(unistd.h stdint.h syslog.h)
-
--AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv])
-+AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv reallocarray])
-
- AM_PROG_CC_C_O
- AC_C_CONST
-diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c
-index bece09d1..218f6628 100644
---- a/libraries/libapparmor/src/private.c
-+++ b/libraries/libapparmor/src/private.c
-@@ -43,6 +43,17 @@
- #endif
- #endif
-
-+/**
-+ * Allow libapparmor to build on older glibcs and other libcs that do
-+ * not support reallocarray.
-+ */
-+#ifndef HAVE_REALLOCARRY
-+void *reallocarray(void *ptr, size_t nmemb, size_t size)
-+{
-+ return realloc(ptr, nmemb * size);
-+}
-+#endif
-+
- struct ignored_suffix_t {
- const char * text;
- int len;
---
-2.17.1
-
diff --git a/testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch b/testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch
deleted file mode 100644
index a82d27d9cf..0000000000
--- a/testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 8defe4bcb2f37e39d9d10300af82f8c62b7be84f Mon Sep 17 00:00:00 2001
-From: Patrick Steinhardt <ps@pks.im>
-Date: Thu, 26 Apr 2018 14:51:43 +0100
-Subject: [PATCH 02/11] libapparmor: make `aa_policy_cache_add_ro_dir` function
- visible
-
-While the parser makes use of the `aa_policy_cache_add_ro_dir` function,
-it is not being declared as a global function in the libapparmor.map
-file. Due to this, dynamic linking of apparmor_parser with
-libapparmor.so is not possible.
-
-[Fixed up to use 2.13.1 symbol section as when the
- `aa_policy_cache_add_ro_dir` was introduced -- @smb]
-
-(cherry picked from commit 1506f2cf0e89b0a04154c64ec058ab0f5541692e)
-
-Signed-off-by: Patrick Steinhardt <ps@pks.im>
-Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
-Acked-by: John Johansen <john.johansen@canonical.com>
-
-PR: https://gitlab.com/apparmor/apparmor/merge_requests/107
----
- libraries/libapparmor/src/libapparmor.map | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/libraries/libapparmor/src/libapparmor.map b/libraries/libapparmor/src/libapparmor.map
-index 1ca2bd6b..f5b55836 100644
---- a/libraries/libapparmor/src/libapparmor.map
-+++ b/libraries/libapparmor/src/libapparmor.map
-@@ -108,6 +108,13 @@ APPARMOR_2.13 {
- *;
- } APPARMOR_2.11;
-
-+APPARMOR_2.13.1 {
-+ global:
-+ aa_policy_cache_add_ro_dir;
-+ local:
-+ *;
-+} APPARMOR_2.13;
-+
- PRIVATE {
- global:
- _aa_is_blacklisted;
---
-2.17.1
-
diff --git a/testing/apparmor/0007-utils-remove-vim-from-the-default-build.patch b/testing/apparmor/0002-utils-remove-vim-from-the-default-build.patch
index 14ea3ea499..f3fa0bbc61 100644
--- a/testing/apparmor/0007-utils-remove-vim-from-the-default-build.patch
+++ b/testing/apparmor/0002-utils-remove-vim-from-the-default-build.patch
@@ -1,7 +1,7 @@
-From 09cfa1f321a306429390a8ed2b347d5335f75126 Mon Sep 17 00:00:00 2001
+From 24aca47716b70c1d0e3b58a1fbd8e312fec70e07 Mon Sep 17 00:00:00 2001
From: allgdante <allan.garret@gmail.com>
Date: Wed, 4 Jul 2018 17:02:34 +0200
-Subject: [PATCH 07/11] utils: remove vim from the default build
+Subject: [PATCH 2/7] utils: remove vim from the default build
We will build the vim utils as a separate target
---
@@ -42,5 +42,5 @@ index 68f8c376..01604796 100644
$(MAKE) -C test check
- $(MAKE) -C vim check
--
-2.17.1
+2.20.1
diff --git a/testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch b/testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch
deleted file mode 100644
index 71c88b8699..0000000000
--- a/testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From f55d5b3ff0be7c8e903dc367b7747324e9556dd5 Mon Sep 17 00:00:00 2001
-From: Patrick Steinhardt <ps@pks.im>
-Date: Thu, 26 Apr 2018 14:52:17 +0100
-Subject: [PATCH 03/11] libapparmor: do not honor $LIBAPPARMOR_DEBUG when
- `secure_getenv` is undefined
-
-The `secure_getenv` function is a non-POSIX compliant extension of
-glibc. In contrast to the POSIX `getenv`, `secure_getenv` will return
-`NULL` for all environment variables when the program is run with
-escalated privileges due to an SUID or SGID bit. Some strictly
-POSIX-compliant libc libraries, most notably musl libc, do not have this
-function and do not wish to implement it. Thus, AppArmor cannot be
-compiled on such systems.
-
-In libapparmor, `secure_getenv` is only used to determine whether the
-environment variable DEBUG_ENV_VAR has been set to enable debugging. In
-case an unprivileged user runs a SUID/SGID executable linked against
-libapparmor, we do not want that user to be able to get additional
-information via debug output.
-
-The fix here is to produce an error only in case where debug output is
-enabled by defining ENABLE_DEBUG_OUTPUT. Otherwise, we simply define
-`secure_getenv` to `NULL` to completely disable the debug output.
-
-(cherry picked from commit 778176b9d84580f2e5a3be301ef9797b34ed69b9)
-
-Signed-off-by: Patrick Steinhardt <ps@pks.im>
-Acked-by: Steve Beattie <steve@nxnw.org>
-
-PR: https://gitlab.com/apparmor/apparmor/merge_requests/107
----
- libraries/libapparmor/src/private.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c
-index 218f6628..f5cc2a4c 100644
---- a/libraries/libapparmor/src/private.c
-+++ b/libraries/libapparmor/src/private.c
-@@ -38,8 +38,10 @@
- #ifndef HAVE_SECURE_GETENV
- #ifdef HAVE___SECURE_GETENV
- #define secure_getenv __secure_getenv
-+ #elif ENABLE_DEBUG_OUTPUT
-+ #error Debug output is not possible without a secure_getenv() implementation.
- #else
-- #error neither secure_getenv nor __secure_getenv is available
-+ #define secure_getenv(env) NULL
- #endif
- #endif
-
---
-2.17.1
-
diff --git a/testing/apparmor/0008-parser-remove-specific-tests-for-rttime.patch b/testing/apparmor/0003-parser-remove-specific-tests-for-rttime.patch
index 7f7c51ec5d..fe5ac45d4b 100644
--- a/testing/apparmor/0008-parser-remove-specific-tests-for-rttime.patch
+++ b/testing/apparmor/0003-parser-remove-specific-tests-for-rttime.patch
@@ -1,7 +1,7 @@
-From 965304dcdd7bc69f861a8d796dccbf807cbec5f9 Mon Sep 17 00:00:00 2001
+From 3e78593208264935ed2589d784cbcb69f750c274 Mon Sep 17 00:00:00 2001
From: allgdante <allan.garret@gmail.com>
Date: Wed, 4 Jul 2018 17:05:10 +0200
-Subject: [PATCH 08/11] parser: remove specific tests for rttime
+Subject: [PATCH 3/7] parser: remove specific tests for rttime
musl libc doesn't implement this feature, so the tests fail.
We must find a way to skip those tests instead of removing them
@@ -69,5 +69,5 @@ index f2747f10..00000000
- set rlimit rttime <= 60minutes,
-}
--
-2.17.1
+2.20.1
diff --git a/testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch b/testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch
deleted file mode 100644
index 784fa52c77..0000000000
--- a/testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 2e32573574a01681b2b159016e77b0de21e9d70d Mon Sep 17 00:00:00 2001
-From: Patrick Steinhardt <ps@pks.im>
-Date: Thu, 26 Apr 2018 14:54:05 +0100
-Subject: [PATCH 04/11] parser: provide typedefs for comparison_fn_t and
- __free_fn_t
-
-The POSIX standard never defines the typedefs `comparison_fn_t` and
-`__free_fn_t`, but they are provided by glibc and user in the parsing
-code. Provide the typedefs ourselves to fix compiling on musl based
-systems.
-
-(cherry picked from commit 655d3e782661aa756a53b45b2235205f88e1e0d0)
-
-Signed-off-by: Patrick Steinhardt <ps@pks.im>
-Acked-by: John Johansen <john.johansen@canonical.com>
-Acked-by: Steve Beattie <steve@nxnw.org>
-
-PR: https://gitlab.com/apparmor/apparmor/merge_requests/107
----
- parser/parser_alias.c | 2 ++
- parser/parser_symtab.c | 3 +++
- 2 files changed, 5 insertions(+)
-
-diff --git a/parser/parser_alias.c b/parser/parser_alias.c
-index f5b6da4e..b96d18f8 100644
---- a/parser/parser_alias.c
-+++ b/parser/parser_alias.c
-@@ -25,6 +25,8 @@
- #include "parser.h"
- #include "profile.h"
-
-+typedef int (*comparison_fn_t)(const void *, const void *);
-+
- struct alias_rule {
- char *from;
- char *to;
-diff --git a/parser/parser_symtab.c b/parser/parser_symtab.c
-index 3e667d87..7b8f211b 100644
---- a/parser/parser_symtab.c
-+++ b/parser/parser_symtab.c
-@@ -25,6 +25,9 @@
- #include "immunix.h"
- #include "parser.h"
-
-+typedef int (*comparison_fn_t)(const void *, const void *);
-+typedef void (*__free_fn_t)(void *);
-+
- enum var_type {
- sd_boolean,
- sd_set,
---
-2.17.1
-
diff --git a/testing/apparmor/0009-parser-remove-specific-tests-for-ofile.patch b/testing/apparmor/0004-parser-remove-specific-tests-for-ofile.patch
index 9c19130cf5..2847bc1df2 100644
--- a/testing/apparmor/0009-parser-remove-specific-tests-for-ofile.patch
+++ b/testing/apparmor/0004-parser-remove-specific-tests-for-ofile.patch
@@ -1,7 +1,7 @@
-From baf1eeb398d0201260a11a9ba9270461da7a0dc3 Mon Sep 17 00:00:00 2001
+From 7227f8c49cf74ff470248cdb946dd27872854979 Mon Sep 17 00:00:00 2001
From: allgdante <allan.garret@gmail.com>
Date: Wed, 4 Jul 2018 17:08:11 +0200
-Subject: [PATCH 09/11] parser: remove specific tests for ofile
+Subject: [PATCH 4/7] parser: remove specific tests for ofile
musl libc doesn't implement this feature, so the test fail.
We must find a way to skip this test instead of removing it
@@ -24,5 +24,5 @@ index 6510ae72..00000000
- set rlimit ofile <= 1234,
-}
--
-2.17.1
+2.20.1
diff --git a/testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch b/testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch
deleted file mode 100644
index 895cd98d71..0000000000
--- a/testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-From 1b918a4af49ae4a2644b089ff3263018157365ab Mon Sep 17 00:00:00 2001
-From: allgdante <allan.garret@gmail.com>
-Date: Wed, 4 Jul 2018 16:50:24 +0200
-Subject: [PATCH 05/11] libapparmor: fix scandirat with musl libc
-
-This commits adds a configure check for scandirat() and if it's
-not available, provides it an implementation based on scandir()
-from musl libc
----
- libraries/libapparmor/configure.ac | 2 +-
- libraries/libapparmor/src/private.c | 56 +++++++++++++++++++++++++++++
- 2 files changed, 57 insertions(+), 1 deletion(-)
-
-diff --git a/libraries/libapparmor/configure.ac b/libraries/libapparmor/configure.ac
-index 73d99398..699f7477 100644
---- a/libraries/libapparmor/configure.ac
-+++ b/libraries/libapparmor/configure.ac
-@@ -81,7 +81,7 @@ AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes)
- AC_HEADER_STDC
- AC_CHECK_HEADERS(unistd.h stdint.h syslog.h)
-
--AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv reallocarray])
-+AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv reallocarray scandirat])
-
- AM_PROG_CC_C_O
- AC_C_CONST
-diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c
-index f5cc2a4c..5c023d32 100644
---- a/libraries/libapparmor/src/private.c
-+++ b/libraries/libapparmor/src/private.c
-@@ -45,6 +45,62 @@
- #endif
- #endif
-
-+/**
-+ * Allow libapparmor to build on other libcs that do not support scandirat
-+ */
-+#ifndef HAVE_SCANDIRAT
-+#include <inttypes.h>
-+
-+int scandirat(int dir_fd, const char *dirp, struct dirent ***namelist,
-+ int (*filter)(const struct dirent *),
-+ int (*compar)(const struct dirent **, const struct dirent **))
-+{
-+ int fd;
-+ DIR *d;
-+ struct dirent *de, **names=0, **tmp;
-+ size_t cnt=0, len=0;
-+ int old_errno = errno;
-+
-+
-+ fd = openat(dir_fd, dirp, O_RDONLY|O_CLOEXEC);
-+ if (fd == -1) return -1;
-+
-+ d = fdopendir(fd);
-+
-+ if (!d) {
-+ close(fd);
-+ return -1;
-+ }
-+
-+ while ((errno=0), (de = readdir(d))) {
-+ if (filter && !filter(de)) continue;
-+ if (cnt >= len) {
-+ len = 2*len+1;
-+ if (len > SIZE_MAX/sizeof *names) break;
-+ tmp = realloc(names, len * sizeof *names);
-+ if (!tmp) break;
-+ names = tmp;
-+ }
-+ names[cnt] = malloc(de->d_reclen);
-+ if (!names[cnt]) break;
-+ memcpy(names[cnt++], de, de->d_reclen);
-+ }
-+
-+ closedir(d);
-+
-+ if (errno) {
-+ if (names) while (cnt-->0) free(names[cnt]);
-+ free(names);
-+ return -1;
-+ }
-+ errno = old_errno;
-+
-+ if (compar) qsort(names, cnt, sizeof *names, (int (*)(const void *, const void *))compar);
-+ *namelist = names;
-+ return cnt;
-+}
-+#endif
-+
- /**
- * Allow libapparmor to build on older glibcs and other libcs that do
- * not support reallocarray.
---
-2.17.1
-
diff --git a/testing/apparmor/0010-utils-adjust-tests-to-match-the-Alpine-layout.patch b/testing/apparmor/0005-utils-adjust-tests-to-match-the-Alpine-layout.patch
index ef89db63d3..9173850234 100644
--- a/testing/apparmor/0010-utils-adjust-tests-to-match-the-Alpine-layout.patch
+++ b/testing/apparmor/0005-utils-adjust-tests-to-match-the-Alpine-layout.patch
@@ -1,7 +1,7 @@
-From 775861e7dc083c1fdab3cfb2d2b710b6091ac424 Mon Sep 17 00:00:00 2001
+From dcd62ba910aa8c54576cba0e442478cfacd916d6 Mon Sep 17 00:00:00 2001
From: allgdante <allan.garret@gmail.com>
Date: Wed, 4 Jul 2018 17:11:42 +0200
-Subject: [PATCH 10/11] utils: adjust tests to match the Alpine layout
+Subject: [PATCH 5/7] utils: adjust tests to match the Alpine layout
Here we need to adjust several utilities path with the ones used by
Alpine
@@ -10,7 +10,7 @@ Alpine
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/utils/test/test-aa.py b/utils/test/test-aa.py
-index 243283a9..41693830 100644
+index d93b8eae..b40a2001 100644
--- a/utils/test/test-aa.py
+++ b/utils/test/test-aa.py
@@ -154,12 +154,12 @@ class AaTest_get_interpreter_and_abstraction(AATest):
@@ -31,5 +31,5 @@ index 243283a9..41693830 100644
('#!/usr/bin/python2.7', ('/usr/bin/python2.7', 'abstractions/python')),
('#!/usr/bin/python3', ('/usr/bin/python3', 'abstractions/python')),
--
-2.17.1
+2.20.1
diff --git a/testing/apparmor/0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch b/testing/apparmor/0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch
index 36c6cd8b93..14dddeae1e 100644
--- a/testing/apparmor/0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch
+++ b/testing/apparmor/0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch
@@ -1,7 +1,7 @@
-From 10def67d03ac5ae5cdd4a9b82f643869deb43f60 Mon Sep 17 00:00:00 2001
+From 72a3291fc94210401e5dac3b2fa328b2bb40998d Mon Sep 17 00:00:00 2001
From: allgdante <allan.garret@gmail.com>
Date: Thu, 5 Jul 2018 17:32:46 +0200
-Subject: [PATCH 11/11] utils: adjust rc functions for aa-remove-unknown
+Subject: [PATCH 6/7] utils: adjust rc functions for aa-remove-unknown
Update the path to the rc.apparmor.functions file to the one we can find
inside Alpine.
@@ -24,5 +24,5 @@ index d3bd9144..0b9ead7d 100644
PROFILES="${APPARMORFS}/profiles"
REMOVE="${APPARMORFS}/.remove"
--
-2.17.1
+2.20.1
diff --git a/testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch b/testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch
new file mode 100644
index 0000000000..bad8cbe195
--- /dev/null
+++ b/testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch
@@ -0,0 +1,39 @@
+From 05dd326460042c0f82234b7299a0327529c98d4f Mon Sep 17 00:00:00 2001
+From: allgdante <allan.garret@gmail.com>
+Date: Thu, 31 Jan 2019 13:36:34 +0000
+Subject: [PATCH 7/7] Remove Locale::gettext from parser tests
+
+The package for Alpine doesn't exists and it seems that the tests run ok
+without this
+---
+ parser/tst/gen-dbus.pl | 1 -
+ parser/tst/gen-xtrans.pl | 1 -
+ 2 files changed, 2 deletions(-)
+
+diff --git a/parser/tst/gen-dbus.pl b/parser/tst/gen-dbus.pl
+index 1fe58108..3fa5d0ce 100755
+--- a/parser/tst/gen-dbus.pl
++++ b/parser/tst/gen-dbus.pl
+@@ -17,7 +17,6 @@
+ #
+
+ use strict;
+-use Locale::gettext;
+ use POSIX;
+
+ setlocale(LC_MESSAGES, "");
+diff --git a/parser/tst/gen-xtrans.pl b/parser/tst/gen-xtrans.pl
+index 8cf077f4..64219cef 100755
+--- a/parser/tst/gen-xtrans.pl
++++ b/parser/tst/gen-xtrans.pl
+@@ -1,7 +1,6 @@
+ #!/usr/bin/perl
+
+ use strict;
+-use Locale::gettext;
+ use POSIX;
+
+ setlocale(LC_MESSAGES, "");
+--
+2.20.1
+
diff --git a/testing/apparmor/APKBUILD b/testing/apparmor/APKBUILD
index 9cfa120d69..952436a5f7 100644
--- a/testing/apparmor/APKBUILD
+++ b/testing/apparmor/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Allan Garret <allan.garret@gmail.com>
# Maintainer: Allan Garret <allan.garret@gmail.com>
pkgname=apparmor
-pkgver=2.13
+pkgver=2.13.2
pkgrel=0
pkgdesc="Linux application security framework - mandatory access control for programs"
url="https://gitlab.com/apparmor/apparmor/wikis/home"
@@ -9,7 +9,7 @@ arch="all"
license="GPL"
depends="bash"
makedepends="bash sed python3 autoconf automake libtool bison flex perl-dev swig gettext-dev python3-dev linux-pam-dev linux-headers"
-options="!check"
+checkdepends="dejagnu py3-pyflakes python2"
subpackages="
libapparmor:_libapparmor
@@ -23,28 +23,25 @@ subpackages="
$pkgname-profiles:_apparmor_profiles:noarch
$pkgname-pam:_apparmor_pam
$pkgname-vim:_apparmor_vim:noarch
+ $pkgname-openrc
$pkgname-doc
$pkgname-lang
"
source="
- https://launchpad.net/$pkgname/$pkgver/$pkgver.0/+download/$pkgname-$pkgver.tar.gz
+ https://gitlab.com/apparmor/apparmor/-/archive/v$pkgver/apparmor-v$pkgver.tar.gz
apparmor.initd
- 0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch
- 0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch
- 0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch
- 0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch
- 0005-libapparmor-fix-scandirat-with-musl-libc.patch
- 0006-Fix-linking-against-gettext-on-musl-libc.patch
- 0007-utils-remove-vim-from-the-default-build.patch
- 0008-parser-remove-specific-tests-for-rttime.patch
- 0009-parser-remove-specific-tests-for-ofile.patch
- 0010-utils-adjust-tests-to-match-the-Alpine-layout.patch
- 0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch
+ 0001-Fix-linking-against-gettext-on-musl-libc.patch
+ 0002-utils-remove-vim-from-the-default-build.patch
+ 0003-parser-remove-specific-tests-for-rttime.patch
+ 0004-parser-remove-specific-tests-for-ofile.patch
+ 0005-utils-adjust-tests-to-match-the-Alpine-layout.patch
+ 0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch
+ 0007-Remove-Locale-gettext-from-parser-tests.patch
"
-builddir="$srcdir"/$pkgname-$pkgver
+builddir="$srcdir"/$pkgname-v$pkgver
build() {
export PYTHON_VERSION=3
@@ -77,12 +74,21 @@ build() {
make -C utils/vim
}
+check() {
+ cd "$builddir"/libraries/libapparmor
+ make check
+
+ cd "$builddir"
+ make -C parser check
+ make -C binutils check
+ make -e PYFLAKES=pyflakes-3 -C utils check
+}
+
package() {
cd "$builddir"
make -C parser install DESTDIR="$pkgdir"
mv "$pkgdir"/lib "$pkgdir"/usr/lib
- mv "$pkgdir"/sbin "$pkgdir"/usr/sbin
mkdir -p "$pkgdir"/usr/libexec/apparmor
mv "$pkgdir"/usr/lib/apparmor/rc.apparmor.functions \
"$pkgdir"/usr/libexec/apparmor/
@@ -93,7 +99,6 @@ package() {
_libapparmor() {
pkgdesc="AppArmor library"
- makedepends="swig python3-dev perl-dev"
depends="bash sed"
cd "$builddir"
@@ -211,16 +216,12 @@ _apparmor_vim() {
-sha512sums="f98914713153d4c823a3ea7e96291cc4528bf7c8d3a139286ae0ecd806613e9c34b0ad81f2b258df2193cf6f3157d3252ef72d32d339427948a3fd8ba5651827 apparmor-2.13.tar.gz
+sha512sums="8d29511a4dc4d9734e915620c2ef0da17aff017a4b2171aa36b607afed6e9d899d9fdf3711ce5ba0421b70190188b2c88b53e6517883c2b096f3444ad3dca534 apparmor-v2.13.2.tar.gz
1a57cc577ba3aedfbe10ef6148c1e8f5d0bbf65c99e60eec80c52409c9dab59ae002024500c6e4fd0e01e8c7aeb0c85e3e6b41cacee08c17fdd869d31bca614e apparmor.initd
-1707a2b51d354f9c0e9f0212e414ae1c95de13fdb084892ab17a75ca957681c48830db204683e86daa464ed022dc9dbce7fa471dc1abb64c0723a029f146bc29 0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch
-2f6aa09b0cd93475d498d2d7f7b492849abc115d5ff5046cc565c1c0a6d0cb514cb2e3a5a51ee7d98878a40c7163304f431ffda0af40033666383abb9d8e6533 0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch
-20a5c5faa16b42005fc48499c8a270c5e84b5aff47c9be0daf8ba837e9012617a27a0c577a0b777e62c602f355237257f71b4acf07937594a7ca027b8a257f86 0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch
-8ccc41ef3363b3639f9809607c047e6da0dd1f784fabc9117b14726642c5a9015de95d64cb49f238b56ab80ee699dd8fe978c3265220728e220e90aaccab5ede 0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch
-f86fc232671721f22452496d61b591a651a427d073168f58da29f2134b3dc561815011e182ed1d065c2309bc0200e33410687c666a2063a8b1e5b5f0a8223a2c 0005-libapparmor-fix-scandirat-with-musl-libc.patch
-e3b6193f343cf8c288b914c4f9517117c570a3e3a172a44d8225be09d3215ed4ffd521e63a5dc5ca328179626e9f2f5e8e733943eac4feff5d4825097daca564 0006-Fix-linking-against-gettext-on-musl-libc.patch
-9a273ba5c92c84acfda45d5e177b8bab13a42a6b803b20ac5d55f800d1da95d5fa2fd91312062125b80b20eeb548d5c2d879b072927103d3aeafb90d3530b51f 0007-utils-remove-vim-from-the-default-build.patch
-8970817ef17137f8a2d79e66d778e15184bac45523afeaaed858b49fbfe6a4d1476121ed952c6c0219509212cca5fc87d03bd70ec669a460937723db7582acaf 0008-parser-remove-specific-tests-for-rttime.patch
-ed245911d743eb1bf13cc6cef947c0a82791226068ad91436918f1ddb039173b82ecaa1300e2655d5748af57a3c8cd9b27a1d6a66f411320765683474c8eafb5 0009-parser-remove-specific-tests-for-ofile.patch
-e4d50f89fbdda916af3ea0bc7d574ccba3d252ec1506d07e744fd35b556fb6ae6307f2c856135963f810e10ce8b866e67708cc48e06afbd9f5a7e3e68acea9fc 0010-utils-adjust-tests-to-match-the-Alpine-layout.patch
-4a1477e8c9ac22901809eb95b813ca6a7065dbae25f977cb6e7a819be6e2a450db9432f1b15137dc3b8daf83f4d54f85bbfed9001a891a20aa603ff2a64deeb7 0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch"
+e94f44427ed3c6f64462170939ffc92ce9ac1a58c61c7c7c3483fe16fe8e1c419daade9d56cdd342132e4d823dcac1963a86ad889f10bf71fd52b7f54c4694ed 0001-Fix-linking-against-gettext-on-musl-libc.patch
+20817633590c40eb5f6132c11396cf0bbd532b6e436aa90b6ccc61d7c914794d868ec981b91406f6c11f550102aa25a32982610445cc8e5e703ee90697233263 0002-utils-remove-vim-from-the-default-build.patch
+568e10bda27745ac6e1b9495bb6863e93466ee1c387912393c2c7396bcedd7400b13ee233dd953f82460328e3aae45dd2f7aba92962edef31330d6b4dbc9951b 0003-parser-remove-specific-tests-for-rttime.patch
+3a84fb3b2b19ccf52e179190e98ec0da2469727eaaa73d0094b0e9c85b80738c9cb9da9242d17a472a649e6042933bedb5f78c3f574d555369a4ece38a1d8a8a 0004-parser-remove-specific-tests-for-ofile.patch
+618b96c9d5e6059dff9fabb51ab9138ee8f7a6978a94f5805297b3dc4bd3836026ad50ec4f8496baa8f7978d17fe0a10ebfa3ff96e3d65f362e1cba33da8e115 0005-utils-adjust-tests-to-match-the-Alpine-layout.patch
+38ebb30a0185f8eabd9103925959da365f64ef485f66ffb10180ac596fc172f9c98df39baec0b035138e9ab32056148e69a066faba9faebf9e92bf7a09c150c0 0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch
+093c2f216776c5cc67294a134af6ef788dd5a82477592093abbdd244d65591006890a7c911d4f72d7c0ceac5d3ee33927b055a6d3731284701057b35372e7265 0007-Remove-Locale-gettext-from-parser-tests.patch"